Policy approval layer
    84.
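    Granted invention patent

    Publication (announcement) number: US11588855B2

    Publication (announcement) date: 2023-02-21

    Application number: US16810331

    Application date: 2020-03-05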

    Abstract: A customer of a policy management service may use an interface with a configuration and management service to interact with policies that may be applicable to the customer's one or more resources. The customer may create and/or modify the policies and the configuration and management service may notify one or more other entities of the created and/or modified policies. The one or more other entities may be operated by users authorized to approve the created and/or modified policies. Interactions with the configuration and management service may be the same as the interactions with the policy management service.

    Provisional computing resource policy evaluation

    Publication (announcement) number: US11558388B2

    Publication (announcement) date: 2023-01-17

    Application number: US16384866

    Application date: 2019-04-15

    Abstract: A policy management service receives a request to evaluate a provisional policy to determine the impact of implementation of the provisional policy. The policy management service evaluates an active policy against a request to access a computing resource to determine an authorization decision. The policy management service then evaluates the provisional policy against the request to access the computing resource to generate an evaluation of the provisional policy. The policy management service provides the evaluation and the authorization decision in response to the request to evaluate the provisional policy.

    Detecting unknown software vulnerabilities and system compromises

    Publication (announcement) number: US11366908B2

    Publication (announcement) date: 2022-06-21

    Application number: US16821501

    Application date: 2020-03-17

    Abstract: Disclosed are various embodiments for detecting unknown software vulnerabilities and system compromises. During a learning period in which execution of a software package is monitored, invoked portions of the software package are determined. Also, during the learning period, a frequency of use of at least one of the invoked portions of the software package is determined. It is determined that the frequency of use during the learning period is different from a frequency of use after the learning period, and in response, an action is performed.

    Limited access policy bypass
    87.
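    Granted invention patent

    Publication (announcement) number: US11252190B1

    Publication (announcement) date: 2022-02-15

    Application number: US14694973

    Application date: 2015-04-23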

    Abstract: The current document discloses systems and methods that implement access controls for service providers. When a client requests access to a service provider, but does not satisfy the conditions for non-limited access, the service provider provides limited access to the services based at least in part on a limited access policy. The limited access policy establishes a limitation that defines when the limited access to the service provider expires. In some implementations, the service provider issues a signed access token to the client, and the access token includes an expiration value that is updated when service requests are processed. When the access token expires, access to the service is terminated.

    Execution request prioritization by context

    Publication (announcement) number: US11218419B1

    Publication (announcement) date: 2022-01-04

    Application number: US15371108

    Application date: 2016-12-06

    Abstract: Systems for processing requests to execute a program code of a user use a message queue service to store requests when there are not enough resources to process the requests. The message queue service distributes the stored requests across multiple queues; each queue is associated with a context of the underlying events that generate the requests. A context describes one or more attributes of the event, such as information identifying the requestor or the event source. Thus, queued messages are divided into different queues based on user ID, event source or location, event type, etc. The message queue service then selects from the queues when requested to deliver a queued request. This provides a balanced delivery of requests from different requestors or groups of requestors.

    DISTRIBUTED THREAT SENSOR ANALYSIS AND CORRELATION

    Publication (announcement) number: US20210344690A1

    Publication (announcement) date: 2021-11-04

    Application number: US16865005

    Application date: 2020-05-01

    Abstract: Various embodiments of apparatuses and methods for distributed threat sensor analysis and correlation of a malware threat intelligence system are described. In some embodiments, the system comprises a plurality of threat sensors, deployed at different network addresses and physically located in different geographic regions in a provider network, which detect interactions from sources. In some embodiments, a distributed threat sensor analysis and correlation service obtains significance scores for different sources of the interactions with the plurality of threat sensors. The service determines which of the sources are malicious actors based on the significance scores. The service receives identifiers of known actors such as compute instances in the provider network, client devices in a client network, or deployed IoT devices in a remote network, and correlates the malicious actors with the known actors to identify which known actors might be infected by malware.
